"use strict";
// 定制白名单
const whiteList = ["/admin/user/login"];

module.exports = () => {
  return async function (ctx, next) {
    if (!whiteList.some((item) => item == ctx.request.url)) {
      //判断接口路径是否在白名单
      let token = ctx.request.header.token; //拿到token
      if (token) {
        //如果token存在
        let decoded = ctx.app.jwt.verify(token, ctx.app.config.jwt.secret)//解密token
        const res = await ctx.app.mysql.get("login_user", {
          token,
        });
        if (res?.name === decoded?.name && res?.password === decoded?.password) {
          await next();
        } else {
          ctx.body = {
            code: 302,
            message: "token不对",
          };
        }
      } else {
        ctx.body = {
          code: 302,
          message: "没有token",
        };
      }
    } else {
      await next();
    }
  };
};
